Security Risk & Compliance Management Specialist
United Kingdom - Greater London
Applications have closed
Rackspace
As a cloud computing services pioneer, we deliver proven multicloud solutions across your apps, data, and security. Maximize the benefits of modern cloud.
Rackspace currently have a fantastic opportunity for an experienced Security Risk & Compliance specialist to join our EMEA team.
Key Responsibilities
- Collaborates across the organization to execute and mature the Risk Assessment process, including developing all necessary charters, processes, methodologies, and reports.
- Participates in cross-functional workgroups and planning meetings to promote ideal solutions that meet the objectives of both the business and the IT Risk, Compliance, and Information Security team.
- Where ideal solutions cannot be found, identifies and reports enterprise level risks and failures to management for escalation.
- Promotes sharing of expertise through consulting, presentation, and documentation.
- Assists in training other Information Security, IT Risk, and compliance staff.
- Communicates the value of IT Risk, Compliance, and Information Security within the organization.
- Continuously validates the organization against additional mandates, as developed, to ensure full compliance.
- Assists in training other Compliance or Security staff where necessary.
- Communicates the value of Compliance and Information Security within the organization.
- Coordinates cross-functionally to ensure a holistic approach to security and compliance across the organization.
- Evaluates, monitors, and ensures compliance with IT Risk and Information Security policies, standards, guidelines and relevant legal and regulatory requirements.
- Supports business partners where necessary in dealing with current and prospective clients.
Risk:
- Conducts IT Risk and Information Security due diligence activities relative to vendors and third parties.
- Conducts risk assessments and documents findings where the deviation from an information security or IT Risk policy or standard is desired.
- Creates risk remediation plans with business owners and follows through in the implementation of changes.
Compliance:
- Conducts annual audits for industry specific reports, including PCI, ISO27001, SOC1, SOC2, SOC3, SOX, and CDSA.
- Documents findings where deviations exist through internal or external testing.
- Develops internal control testing and documented processes.
- Updates internal control matrices where necessary to support annual changing environments.
- Ability to adapt and create processes as applicable, including changes in processes or reporting metrics.
- Executes as the conduit between internal control owners and external auditors, including kickoff meetings, interview requests, closing meetings, and evidence gathering.
- Executes internal customer audits which include scheduling, presentation of the Rackspace compliance portfolio, and overseeing the successful visit in conjunction with Account Managers.
Knowledge
- Excellent written and verbal communication skills.
- Able to communicate with all levels of the organization.
- Aptitude to develop and maintain internal and external business relationships and to leverage those relationships in pursuit of goals and responsibilities.
- Excellent analytical skills to analyze and evaluate technical information.
- Strong knowledge of application and system vulnerabilities and exposures.
- Knowledge of basic system, network, and operating system hardening techniques.
- Excellent knowledge of Information Assurance (IA) principles and tenets (confidentiality, integrity, availability, authentication, non-repudiation).
- Strong knowledge of network architecture concepts including topology, protocols, and components.
- Knowledge of network communication protocols and directory services.
- Knowledge of network security architecture and risks associated.
- Knowledge of system administration concepts for Unix/Linux and/or Windows operating systems.
- Strong knowledge of security policies and practices, including ISO 27001 and Payment Card Industry (PCI).
- Ability to work independently on tasks and take ownership of projects.
Certifications
Security+, Network+, Project+, CISSP, Professional certifications preferred.
Risk: CRISC, ISSEP, GCED, GCIA.
Compliance: CISA.
Experience
Practical information security experience in developing and maintaining secure architectures for large enterprises is required.
About Rackspace Technology
We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.
More on Rackspace Technology
Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.
Tags: Audits CISA CISSP Compliance CRISC GCED GCIA ISO 27001 Linux Network security Risk assessment SOC 1 SOC 2 SOC 3 UNIX Vulnerabilities Windows
Perks/benefits: Team events